📋 Which policies does your website need?
Use our interactive guide to discover the legal documents suited to your business type.
| Business Type | Privacy Policy | Terms & Conditions | Terms of Service | Cookie Policy | Refund Policy | Disclaimer | Create NDA | End User License Agreement | Data Processing Agreement | DMCA Policy | Accessibility Statement |
|---|---|---|---|---|---|---|---|---|---|---|---|
| E-Commerce Store | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | — | — | ✅ | — | ✅ |
| SaaS / Web App | ✅ | ✅ | ✅ | ✅ | — | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Blog / Content Site | ✅ | ✅ | — | ✅ | — | ✅ | — | — | — | ✅ | 🟡 |
| Mobile App | ✅ | ✅ | ✅ | — | ✅ | ✅ | ✅ | ✅ | ✅ | — | ✅ |
| Agency / Freelancer | ✅ | ✅ | ✅ | ✅ | — | ✅ | ✅ | — | ✅ | — | 🟡 |
| Non-Profit | ✅ | ✅ | — | ✅ | — | ✅ | — | — | ✅ | — | ✅ |
Understanding Each Legal Document
Privacy Policy — Required by virtually every data protection law worldwide (GDPR, CCPA, LGPD, PIPEDA), a privacy policy explains what personal data you collect, why you collect it, how you process it, and what rights users have over their information. Every website that uses analytics, forms, or cookies needs one.
Terms & Conditions / Terms of Service — These documents establish the rules and guidelines that govern how visitors use your website or application. They protect your intellectual property, limit your liability, and define acceptable behavior. The distinction between the two is mostly naming convention — "Terms of Service" is common for SaaS platforms, while "Terms & Conditions" is preferred for e-commerce.
Cookie Policy & Consent Banner — If your site uses cookies (including analytics like Google Analytics, advertising pixels, or session cookies), the EU ePrivacy Directive and UK PECR regulations require you to inform users and obtain consent before setting non-essential cookies.
NDA (Non-Disclosure Agreement) — Essential for protecting confidential business information when working with partners, contractors, or employees. NDAs are particularly critical for SaaS companies, agencies, and any business sharing proprietary data with third parties.
EULA (End User License Agreement) — Required for software products and mobile apps, a EULA defines how users may use your software, restricts reverse engineering, and outlines termination conditions.
DPA (Data Processing Agreement) — Mandated by GDPR Article 28 whenever you share personal data with third-party processors (hosting providers, email services, analytics tools). A DPA ensures the processor handles data according to your instructions and applicable laws.